From 503a1353dcf23f8a5fcb8a2c79d55f707e75cf33 Mon Sep 17 00:00:00 2001 From: Aleksey Lysenko Date: Fri, 16 Dec 2016 15:57:26 +0200 Subject: Fixed wrong scheme for secure websocket Websocket server always constructed QWebSocketHandshakeRequest like for non-secure socket without checking SecureMode. This led to the fact that secure socket had "ws" scheme. Task-number: QTBUG-55927 Change-Id: I881766f55182136072fd23f3fefe93ea60f3d27d Reviewed-by: Timur Pocheptsov --- .../qwebsocketserver/qwebsocketserver.pro | 2 + .../qwebsocketserver/tst_qwebsocketserver.cpp | 56 ++++++++++++++++++++++ 2 files changed, 58 insertions(+) (limited to 'tests/auto/websockets/qwebsocketserver') diff --git a/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro b/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro index adba325..e166f50 100644 --- a/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro +++ b/tests/auto/websockets/qwebsocketserver/qwebsocketserver.pro @@ -10,3 +10,5 @@ TEMPLATE = app SOURCES += tst_qwebsocketserver.cpp +RESOURCES += $$PWD/../shared/qwebsocketshared.qrc + diff --git a/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp b/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp index 699939f..7f2bfa4 100644 --- a/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp +++ b/tests/auto/websockets/qwebsocketserver/tst_qwebsocketserver.cpp @@ -32,6 +32,9 @@ #include #include #endif +#ifndef QT_NO_SSL +#include +#endif #include #include #include @@ -106,6 +109,7 @@ private Q_SLOTS: void tst_preSharedKey(); void tst_maxPendingConnections(); void tst_serverDestroyedWhileSocketConnected(); + void tst_scheme(); // qtbug-55927 }; tst_QWebSocketServer::tst_QWebSocketServer() @@ -507,6 +511,58 @@ void tst_QWebSocketServer::tst_serverDestroyedWhileSocketConnected() QCOMPARE(socketDisconnectedSpy.count(), 1); } +void tst_QWebSocketServer::tst_scheme() +{ + QWebSocketServer plainServer(QString(), QWebSocketServer::NonSecureMode); + QSignalSpy plainServerConnectionSpy(&plainServer, SIGNAL(newConnection())); + + QVERIFY(plainServer.listen()); + + QWebSocket plainSocket; + plainSocket.open(plainServer.serverUrl().toString()); + + if (plainServerConnectionSpy.count() == 0) + QVERIFY(plainServerConnectionSpy.wait()); + QScopedPointer plainServerSocket(plainServer.nextPendingConnection()); + QVERIFY(!plainServerSocket.isNull()); + QCOMPARE(plainServerSocket->requestUrl().scheme(), QStringLiteral("ws")); + plainServer.close(); + +#ifndef QT_NO_SSL + QWebSocketServer secureServer(QString(), QWebSocketServer::SecureMode); + QSslConfiguration sslConfiguration; + QFile certFile(QStringLiteral(":/localhost.cert")); + QFile keyFile(QStringLiteral(":/localhost.key")); + QVERIFY(certFile.open(QIODevice::ReadOnly)); + QVERIFY(keyFile.open(QIODevice::ReadOnly)); + QSslCertificate certificate(&certFile, QSsl::Pem); + QSslKey sslKey(&keyFile, QSsl::Rsa, QSsl::Pem); + certFile.close(); + keyFile.close(); + sslConfiguration.setPeerVerifyMode(QSslSocket::VerifyNone); + sslConfiguration.setLocalCertificate(certificate); + sslConfiguration.setPrivateKey(sslKey); + sslConfiguration.setProtocol(QSsl::TlsV1SslV3); + secureServer.setSslConfiguration(sslConfiguration); + QSignalSpy secureServerConnectionSpy(&secureServer, SIGNAL(newConnection())); + + QVERIFY(secureServer.listen()); + + QWebSocket secureSocket; + typedef void (QWebSocket::* ignoreSslErrorsSlot)(); + connect(&secureSocket, &QWebSocket::sslErrors, + &secureSocket, static_cast(&QWebSocket::ignoreSslErrors)); + secureSocket.open(secureServer.serverUrl().toString()); + + if (secureServerConnectionSpy.count() == 0) + QVERIFY(secureServerConnectionSpy.wait()); + QScopedPointer secureServerSocket(secureServer.nextPendingConnection()); + QVERIFY(!secureServerSocket.isNull()); + QCOMPARE(secureServerSocket->requestUrl().scheme(), QStringLiteral("wss")); + secureServer.close(); +#endif +} + QTEST_MAIN(tst_QWebSocketServer) #include "tst_qwebsocketserver.moc" -- cgit v1.2.1